From patchwork Mon Jul 12 05:16:42 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vitaly Chikunov X-Patchwork-Id: 12370177 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1BD8EC07E99 for ; Mon, 12 Jul 2021 05:17:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DC1416100A for ; Mon, 12 Jul 2021 05:17:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230114AbhGLFT5 (ORCPT ); Mon, 12 Jul 2021 01:19:57 -0400 Received: from vmicros1.altlinux.org ([194.107.17.57]:33914 "EHLO vmicros1.altlinux.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230062AbhGLFT5 (ORCPT ); Mon, 12 Jul 2021 01:19:57 -0400 Received: from imap.altlinux.org (imap.altlinux.org [194.107.17.38]) by vmicros1.altlinux.org (Postfix) with ESMTP id 4BAF172C8B4; Mon, 12 Jul 2021 08:17:08 +0300 (MSK) Received: from beacon.altlinux.org (unknown [193.43.10.9]) by imap.altlinux.org (Postfix) with ESMTPSA id 34FBF4A46ED; Mon, 12 Jul 2021 08:17:08 +0300 (MSK) From: Vitaly Chikunov To: Mimi Zohar , Dmitry Kasatkin , linux-integrity@vger.kernel.org Subject: [PATCH ima-evm-utils 1/3] CI: Do not install swtpm if it cannot work anyway Date: Mon, 12 Jul 2021 08:16:42 +0300 Message-Id: <20210712051644.2469633-1-vt@altlinux.org> X-Mailer: git-send-email 2.29.3 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org Do not need to waste CPU cycles and time to install swtpm in CI container if distribution does not have tssstartup, because we will be not able to start it. Signed-off-by: Vitaly Chikunov --- .github/workflows/ci.yml | 8 +++++++- .travis.yml | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git .github/workflows/ci.yml .github/workflows/ci.yml index f08733a..2e0b1b0 100644 --- .github/workflows/ci.yml +++ .github/workflows/ci.yml @@ -112,7 +112,13 @@ jobs: ARCH="$ARCH" CC="$CC" TSS="$TSS" ./ci/$INSTALL.sh - name: Build swtpm - run: if [ ! "$VARIANT" ]; then which tpm_server || which swtpm || ./tests/install-swtpm.sh; fi + run: | + if [ ! "$VARIANT" ]; then + which tpm_server || which swtpm || \ + if which tssstartup; then + ./tests/install-swtpm.sh; + fi + fi - name: Compiler version run: $CC --version diff --git .travis.yml .travis.yml index 5b07711..94fbb94 100644 --- .travis.yml +++ .travis.yml @@ -93,4 +93,4 @@ before_install: script: - INSTALL="${DISTRO%%:*}" - INSTALL="${INSTALL%%/*}" - - $CONTAINER run $CONTAINER_ARGS -t ima-evm-utils /bin/sh -c "if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./ci/$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./ci/$INSTALL.sh && if [ ! \"$VARIANT\" ]; then which tpm_server || which swtpm || ./tests/install-swtpm.sh; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" ./build.sh" + - $CONTAINER run $CONTAINER_ARGS -t ima-evm-utils /bin/sh -c "if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./ci/$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./ci/$INSTALL.sh && if [ ! \"$VARIANT\" ]; then which tpm_server || which swtpm || if which tssstartup; then ./tests/install-swtpm.sh; fi; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" ./build.sh" From patchwork Mon Jul 12 05:16:43 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vitaly Chikunov X-Patchwork-Id: 12370179 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D325C07E99 for ; Mon, 12 Jul 2021 05:17:16 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4899B6100A for ; Mon, 12 Jul 2021 05:17:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230132AbhGLFUD (ORCPT ); Mon, 12 Jul 2021 01:20:03 -0400 Received: from vmicros1.altlinux.org ([194.107.17.57]:33996 "EHLO vmicros1.altlinux.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230062AbhGLFUD (ORCPT ); Mon, 12 Jul 2021 01:20:03 -0400 Received: from imap.altlinux.org (imap.altlinux.org [194.107.17.38]) by vmicros1.altlinux.org (Postfix) with ESMTP id 4F99972C8B4; Mon, 12 Jul 2021 08:17:14 +0300 (MSK) Received: from beacon.altlinux.org (unknown [193.43.10.9]) by imap.altlinux.org (Postfix) with ESMTPSA id 3DC7E4A46ED; Mon, 12 Jul 2021 08:17:14 +0300 (MSK) From: Vitaly Chikunov To: Mimi Zohar , Dmitry Kasatkin , linux-integrity@vger.kernel.org Subject: [PATCH ima-evm-utils 2/3] CI: Do not use sudo when it does not needed Date: Mon, 12 Jul 2021 08:16:43 +0300 Message-Id: <20210712051644.2469633-2-vt@altlinux.org> X-Mailer: git-send-email 2.29.3 In-Reply-To: <20210712051644.2469633-1-vt@altlinux.org> References: <20210712051644.2469633-1-vt@altlinux.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org Some distributions, such as ALT, cannot use sudo under root by default. Error message will appear: root is not in the sudoers file. This incident will be reported. Signed-off-by: Vitaly Chikunov --- tests/install-swtpm.sh | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git tests/install-swtpm.sh tests/install-swtpm.sh index 2666748..51aa377 100755 --- tests/install-swtpm.sh +++ tests/install-swtpm.sh @@ -1,5 +1,13 @@ -#!/bin/sh -set -ex +#!/bin/sh -ex + +# No need to run via sudo if we already have permissions. +# Also, some distros do not have sudo configured for root: +# `root is not in the sudoers file. This incident will be reported.' +if [ -w /usr/local/bin ]; then + SUDO= +else + SUDO=sudo +fi version=1637 @@ -9,5 +17,5 @@ cd ibmtpm$version tar --no-same-owner -xvzf ../download cd src make -j$(nproc) -sudo cp tpm_server /usr/local/bin/ +$SUDO cp tpm_server /usr/local/bin/ cd ../.. From patchwork Mon Jul 12 05:16:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vitaly Chikunov X-Patchwork-Id: 12370181 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 999A7C07E99 for ; Mon, 12 Jul 2021 05:17:22 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 70C4D61008 for ; Mon, 12 Jul 2021 05:17:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230158AbhGLFUJ (ORCPT ); Mon, 12 Jul 2021 01:20:09 -0400 Received: from vmicros1.altlinux.org ([194.107.17.57]:34158 "EHLO vmicros1.altlinux.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230062AbhGLFUJ (ORCPT ); Mon, 12 Jul 2021 01:20:09 -0400 Received: from imap.altlinux.org (imap.altlinux.org [194.107.17.38]) by vmicros1.altlinux.org (Postfix) with ESMTP id ACBF872C8B4; Mon, 12 Jul 2021 08:17:20 +0300 (MSK) Received: from beacon.altlinux.org (unknown [193.43.10.9]) by imap.altlinux.org (Postfix) with ESMTPSA id 94E994A46ED; Mon, 12 Jul 2021 08:17:20 +0300 (MSK) From: Vitaly Chikunov To: Mimi Zohar , Dmitry Kasatkin , linux-integrity@vger.kernel.org Subject: [PATCH ima-evm-utils 3/3] CI: Add support for ALT Linux Date: Mon, 12 Jul 2021 08:16:44 +0300 Message-Id: <20210712051644.2469633-3-vt@altlinux.org> X-Mailer: git-send-email 2.29.3 In-Reply-To: <20210712051644.2469633-1-vt@altlinux.org> References: <20210712051644.2469633-1-vt@altlinux.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org Build on Sisyphus branch which is bleeding edge repository. Package manager is apt-rpm (not APT as it may look from the scripts). Signed-off-by: Vitaly Chikunov --- .github/workflows/ci.yml | 5 +++++ .travis.yml | 4 ++++ ci/alt.sh | 24 ++++++++++++++++++++++++ 3 files changed, 33 insertions(+) create mode 100755 ci/alt.sh diff --git .github/workflows/ci.yml .github/workflows/ci.yml index 2e0b1b0..088c041 100644 --- .github/workflows/ci.yml +++ .github/workflows/ci.yml @@ -92,6 +92,11 @@ jobs: CC: clang TSS: ibmtss + - container: "alt:sisyphus" + env: + CC: gcc + TSS: libtpm2-tss-devel + container: image: ${{ matrix.container }} env: ${{ matrix.env }} diff --git .travis.yml .travis.yml index 94fbb94..7a76273 100644 --- .travis.yml +++ .travis.yml @@ -67,6 +67,10 @@ matrix: env: DISTRO=debian:stable TSS=ibmtss compiler: gcc + - os: linux + env: DISTRO=alt:sisyphus TSS=libtpm2-tss-devel + compiler: gcc + before_install: # Tumbleweed requires podman and newest runc due docker incompatible with glibc 2.33 (faccessat2) - CONTAINER="${CONTAINER:-docker}" diff --git ci/alt.sh ci/alt.sh new file mode 100755 index 0000000..e7a891f --- /dev/null +++ ci/alt.sh @@ -0,0 +1,24 @@ +#!/bin/sh -ex +# SPDX-License-Identifier: GPL-2.0-only +# +# Install build env for ALT Linux + +apt-get update -y + +# rpm-build brings basic build envirenment with gcc, make, autotools, etc. +apt-get install -y \ + $CC \ + $TSS \ + asciidoc \ + attr \ + docbook-style-xsl \ + libattr-devel \ + libkeyutils-devel \ + libssl-devel \ + openssl \ + openssl-gost-engine \ + rpm-build \ + wget \ + xsltproc \ + xxd +